An AWS Advanced Technology Partner, Cavirin’s Security functionality comprises the following features


Elastic Compliance for the Amazon cloud

Automated Risk Analysis Platform (ARAP) for AWS

Key ARAP Platform Benefits
  • Continuous AWS cloud assessment
  • Instant Assessment of AWS security best practices
  • CIS AWS Foundation Benchmarks
  • Leveraging integration with AWS Inspector

Cavirin, implements the latest Center for Information Security (CIS) Amazon AWS Benchmarks and enables assessment of elastic assets that move throughout Amazon’s EC2 infrastructure. Cavirin provides prescriptive guidance for establishing a secure configuration posture in AWS cloud environments. Clear and concise documentation of your Amazon cloud environment ensures your environment is continuously compliant with current and most critical security standards and policies. Cavirin delivers extensive and automated visibility which validates critical AWS protection features in support of your overall compliance and risk analysis strategy. Achieving and maintaining AWS compliance demands both visibility and understanding of what’s deployed in your cloud environment. All of the capabilities of the Cavirin solution can also be tailored to meet and exceed your company’s unique security and internal audit assessment needs. Protect against both logical and physical failures, data loss, and application errors.

Rapidly assess compliance to regulatory standards such as:
  • PCI
  • HIPAA
  • FISMA
  • SOC2
  • DISA STIG and CIS Benchmark 
  • Cybersecurity Framework
  • CIS CSC
  • ISO27002
  • Custom Defined Controls
  • UK Cyber Essentials, CJIS, NERC, and more 

Depending upon where you are in your AWS deployment, we invite you to either request a demo, dive deeper into how automating security reduces risk and saves money, or just keep in touch!

And, please enjoy the Cavirin Blog, including our VP of Engineering’s post on how our strategy fully aligns with the keynote statements made by Werner Vogels, the CTO of Amazon.

AWS Security Hardening Policies

Policy Categories:

  • Information Flow Management
  • Authentication Management
  • Access Enforcement
  • Audit Events
  • Least Functionality
  • Identification & Authentication


Carvirin ARAP

AWS Cloud Scanning

  • Quick Install with EC2 AMI image distribution
  • Ability to scan EC2 Classic as well as EC2 VPC resources
  • Cloud scan authorization using instance-level IAM permissions
  • Discovered Cloud Elements/Configurations
  • VPCs
  • EC2 Instances
  • Snapshots
  • Images
  • Elastic Load Balancers
  • Key Pairs
  • Security Groups
  • Images
  • Users
  • Groups
  • Placement Groups
  • Auto-scaling Groups

CIS AWS Foundation Benchmarks

Forty (40) policies covering the following configuration categories:

  • Information Flow Management
  • Passwords
  • Multi-factor Authentication
  • Access Key Rotation
  • Authentication Management
  • IAM Authorization
  • Logging
  • CloudTrail enablement
  • AWS Config enablement
  • S3 Bucket Logging
  • Monitoring
  • VPC Changes
  • Networking
  • Default security group restriction
  • Security group ingress and egress traffic rules


Supports sixteen AWS Inspector Policies covering:

Supports sixteen AWS Inspector Policies covering:

  • Password rules
  • Secure protocols
  • Least privilege rules
  • Connection sessions

 

Cavirin is transforming the way IT security manages risk. Leveraging continuous visibility and automated risk analysis, companies are empowered to make the right decisions faster.

Address

5201 Great America Pkwy Suite 419  Santa Clara, CA 95054

- 1-408-200-3544

  sales@cavirin.com

  press@cavirin.com

  info@cavirin.com

Monday - Friday: 9:00 - 18:00

Cavirin US Location